How to take auto backup in Fortigate via auto script? – FortiGate

I would like to recommend taking Fortigate device backup on daily basis and Fortigate have feature to take auto backup for Fortigate device via auto script.

If your organization has Fortimanagar then taking auto backup from Fortimanagar but if standalone device or single device then Fortigate have feature of taking schedule backup.

Backing up the configuration using the CLI via media like
  • TFTP
  • SCP
  • FTP

Here is basic command that can perform easily without the help of vendor.

First, you have to check ping connectivity from Fortigate device to backup path address.

If ping not able get from Fortigate you will gate below error.

NETSECLAB # execute backup full-config ftp backup.conf 10.10.10.30

Please wait…

Connect to ftp server 10.10.10.30 …

Send config file to ftp server via vdom root failed.

Command fail. Return code 5

Ping should be getting from Fortigate device. If not getting please check the static route of backup path address network.

Perform below command for auto-backup script.

NETSECLAB # config system auto-script

NETSECLAB (auto-script) # show

config system auto-script

end

NETSECLAB (auto-script) # sh full-configuration

config system auto-script

end

NETSECLAB (auto-script) # edit Auto_Backup

new entry ‘Auto_Backup’ added

NETSECLAB (Auto_Backup) # show full-configuration

config system auto-script

    edit “Auto_Backup”

        set interval 0

        set repeat 1

        set start manual

        set script ”

        set output-size 10

    next

end

NETSECLAB (Auto_Backup) # set interval 120

NETSECLAB (Auto_Backup) # set repeat 0

NETSECLAB (Auto_Backup) # set start auto

NETSECLAB (Auto_Backup) # set script “execute backup config ftp NETSECLAB.conf 10.10.10.30 anonymous anonymous”

NETSECLAB (Auto_Backup) # next

NETSECLAB (auto-script) # show full-configuration

config system auto-script

    edit “Auto_Backup”

        set interval 120

        set repeat 0

        set start auto

        set script “execute backup config ftp NETSECLAB.conf 10.10.10.30 anonymous anonymous”

        set output-size 10

    next

end

NETSECLAB (auto-script) # end

NETSECLAB #

NETSECLAB #

NETSECLAB #

Below command for TFTP

execute backup config tftp <backup_filename> <tftp_servers> <password>

Below Command for SCP

config system global

set admin-scp enable

end

Use the same commands to backup a VDOM configuration by first entering the commands:

config global

set admin-scp enable

end

config vdom

edit <vdom_name>

The script can also be configured via the GUI (Global >> System >> Advanced >> Configuration Scripts).

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Create a free website or blog at WordPress.com.

Up ↑